Amendment to the Claims: 

This listing of claims will replace all prior versions and listings of claims in the 
application. 

Listing of Claims: 

1 . (Currently amended) A method of managing authorization tokens within a computer 
system comprising: 

creating a master owner token indicating a management environment has full 
ownership of a trusted platform module within the computer system by a management 
environment ; 

creating at least one a delegate owner token for a delegated environment; 

communicating the delegate owner toke n, but not the master owner token, to the 
delegated environment and to the trusted platform modulo ; and 

allowing the delegated environment access to the trusted platform module by th e 
d e l e gat e d e nvironm e nt when the delegated environment presents a valid the delegate 
owner token to the trusted platform module. 

2. (Original) The method of claim 1, further comprising storing the master owner token 
in a secure storage within the computer system. 

3. (Canceled) 

4. (Currently amended) The method of claim 1, wherein creating the delegate owner 
token comprises the management environment assigns a delegate owner token to a 
delegated environment by sealing the delegate owner token to the delegated environment. 
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5. (Currently amended) The method of claim 1 , further comprising wherein the master 
owner token indicates indicating the management environment can change at least one of 
the master owner token and [[a]] the delegate owner token. 

6. (Currently amended) The method of claim 1, further comprising launching the 
management environment before and then launching the delegated environment. 

7. (Previously presented) The method of claim 1, further comprising storing the delegate 
owner token in an access control list in the trusted platform module. 

8. (Currently amended) The method of claim [[1]] 7, further comprising removing, by 
the management environment, [[a]] the delegate owner token from the access control list 
and adding a different delegate owner token to the access control list. 

9. (Currently amended) An article comprising: 

a storage medium having a plurality of machine readable instructions, wherein 
when the instructions are executed by a processor, the instructions provide for managing 
authorization tokens within a computer system by 

creating a master owner token indicating an administrative environment has full 
ownership of a trusted platform module within the computer system by an administrative 
environment ; 

creating a at least one delegate owner token for a delegated environment; 

communicating the delegate owner toke n, but not the master owner token, to the 
delegated environment and to the trusted platform modulo ; and 

allowing the delegated environment access to the trusted platform module by the 
environment when the delegated environment presents a valid the delegate owner token 
to the trusted platform module. 
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10. (Original) The article of claim 9, further comprising instructions for storing the 
master owner token in a secure storage within the computer system. 

11. (Canceled) 

12. (Currently amended) The article of claim 9, wherein creating the delegate owner 
token comprises the management administrative environment assigns a delegate owner 
token to a delegated environment by sealing the delegate owner token to the delegated 
environment. 

13. (Currently amended) The article of claim 9, wherein further comprising the master 
owner token indicates indicating the management administrative environment can change 
at least one of the master owner token and [[a]] the delegate owner token. 

14. (Currently amended) The article of claim 9, further comprising instructions for 
launching the administrative managomont environment and then before launching the 
delegated environment. 

15. (Previously presented) The article of claim 9, further comprising instructions for 
storing the delegate owner token in an access control list in the trusted platform module. 

16. (Currently amended) The article of claim [[9]] 15, further comprising instructions 
for removing, by the management administrative environment, [[a]] the delegate owner 
token from the access control list and adding a different delegate owner token to the 
access control list. 

17. (Currently amended) A computer system comprising: 

a plurality of delegated environments; 
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a management environment to create a master owner token indicating the 
management environment has full ownership of a trusted platform module within the 
computer system, to create a plurality of delegate owner tokens indicating partial 
ownership of the trusted platform module, and to communicate a selected one of the 
plurality of delegate owner tokens , but not the master owner token, to a selected one of 
the plurality of delegated environments and to the trusted platform module ; 

wherein the trusted platform module stores delegate owner tokens created by 
received from the management environment and allows the selected one of the plurality 
of delegated environments access to the trusted platform module by the selected 
environment when a valid the selected one of the plurality of delegate owner tokens is 
presented to the trusted platform module by the selected one of the plurality of delegated 
environments. 

18. (Original) The computer system of claim 17, further comprising a secure storage to 
store the master owner token. 

19. (Canceled) 

20. (Currently amended) The computer system of claim 17, wherein the trusted platform 
module comprises an access control list for storing [[the]] delegate owner tokens created 
by received from the management environment. 
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